[SECURITY] [DSA 3319-1] bind9 security update

2015-07-2819:05:08

lists.debian.org

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.972 High

EPSS

Percentile

99.8%

JSON

Debian Security Advisory DSA-3319-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
July 28, 2015 https://www.debian.org/security/faq

Package : bind9
CVE ID : CVE-2015-5477

Jonathan Foote discovered that the BIND DNS server does not properly
handle TKEY queries. A remote attacker can take advantage of this flaw
to mount a denial of service via a specially crafted query triggering an
assertion failure and causing BIND to exit.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u6.

For the stable distribution (jessie), this problem has been fixed in
version 1:9.9.5.dfsg-9+deb8u2.

We recommend that you upgrade your bind9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7armhflibbind-dev< 1:9.8.4.dfsg.P1-6+nmu2+deb7u6libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u6_armhf.deb
Debian8kfreebsd-i386liblwres90< 1:9.9.5.dfsg-9+deb8u2liblwres90_1:9.9.5.dfsg-9+deb8u2_kfreebsd-i386.deb
Debian7powerpcbind9utils< 1:9.8.4.dfsg.P1-6+nmu2+deb7u6bind9utils_1:9.8.4.dfsg.P1-6+nmu2+deb7u6_powerpc.deb
Debian6i386bind9-host< 1:9.7.3.dfsg-1~squeeze16bind9-host_1:9.7.3.dfsg-1~squeeze16_i386.deb
Debian8i386libisccfg-export90< 1:9.9.5.dfsg-9+deb8u2libisccfg-export90_1:9.9.5.dfsg-9+deb8u2_i386.deb
Debian8ppc64ellibbind-export-dev< 1:9.9.5.dfsg-9+deb8u2libbind-export-dev_1:9.9.5.dfsg-9+deb8u2_ppc64el.deb
Debian8s390xlibisc-export95< 1:9.9.5.dfsg-9+deb8u2libisc-export95_1:9.9.5.dfsg-9+deb8u2_s390x.deb
Debian7kfreebsd-amd64libbind-dev< 1:9.8.4.dfsg.P1-6+nmu2+deb7u6libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u6_kfreebsd-amd64.deb
Debian7kfreebsd-i386libisc84< 1:9.8.4.dfsg.P1-6+nmu2+deb7u6libisc84_1:9.8.4.dfsg.P1-6+nmu2+deb7u6_kfreebsd-i386.deb
Debian6i386libbind9-60< 1:9.7.3.dfsg-1~squeeze16libbind9-60_1:9.7.3.dfsg-1~squeeze16_i386.deb

OS	Version	Architecture	Package	Version	Filename
Debian	7	armhf	libbind-dev	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u6	libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u6_armhf.deb
Debian	8	kfreebsd-i386	liblwres90	< 1:9.9.5.dfsg-9+deb8u2	liblwres90_1:9.9.5.dfsg-9+deb8u2_kfreebsd-i386.deb
Debian	7	powerpc	bind9utils	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u6	bind9utils_1:9.8.4.dfsg.P1-6+nmu2+deb7u6_powerpc.deb
Debian	6	i386	bind9-host	< 1:9.7.3.dfsg-1~squeeze16	bind9-host_1:9.7.3.dfsg-1~squeeze16_i386.deb
Debian	8	i386	libisccfg-export90	< 1:9.9.5.dfsg-9+deb8u2	libisccfg-export90_1:9.9.5.dfsg-9+deb8u2_i386.deb
Debian	8	ppc64el	libbind-export-dev	< 1:9.9.5.dfsg-9+deb8u2	libbind-export-dev_1:9.9.5.dfsg-9+deb8u2_ppc64el.deb
Debian	8	s390x	libisc-export95	< 1:9.9.5.dfsg-9+deb8u2	libisc-export95_1:9.9.5.dfsg-9+deb8u2_s390x.deb
Debian	7	kfreebsd-amd64	libbind-dev	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u6	libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u6_kfreebsd-amd64.deb
Debian	7	kfreebsd-i386	libisc84	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u6	libisc84_1:9.8.4.dfsg.P1-6+nmu2+deb7u6_kfreebsd-i386.deb
Debian	6	i386	libbind9-60	< 1:9.7.3.dfsg-1~squeeze16	libbind9-60_1:9.7.3.dfsg-1~squeeze16_i386.deb